Presentation is loading. Please wait.

Presentation is loading. Please wait.

Stefano Tempesta Secure Machine Learning with SQL Server Always Encrypted with Secure Enclaves.

Published byLanny Tedja Modified over 5 years ago

Similar presentations

Presentation on theme: "Stefano Tempesta Secure Machine Learning with SQL Server Always Encrypted with Secure Enclaves."— Presentation transcript:

1 Stefano Tempesta Secure Machine Learning with SQL Server Always Encrypted with Secure Enclaves

2 Protecting Data Through its Lifecycle
Existing New In use Protect/Encrypt data that is in use during computation Industry-first solution: Always Encrypted At rest Encrypt inactive data when stored in database files, backup files, log files, etc. Examples include: SQL Server Transparent Database Encryption (TDE) In transit Encrypt data that is flowing between applications and the database Examples include: TLS

3 Confidential Computing using Enclaves
Enclave – an isolated region of memory. Provides a trusted execution environment. Data stored inside the enclave cannot be accessed outside of the enclave.​ Code running inside enclave must be signed and cannot be modified​. Code Data App App Operating System Hypervisor Hardware

4 Intel Software Guard Extension (SGX) Hypervisor

5 azure.microsoft.com/solutions/confidential-compute

6

7

8 SQL Server 2019 Always Encrypted with Secure Enclaves

9 Always Encrypted with Secure Enclaves
Enhanced Client Driver plaintext ciphertext SQL C: \ Protects sensitive data in use while preserving rich queries and providing in-place encryption plaintext Enclave Secure computations inside an enclave SQL Server Engine delegates operations on encrypted to a secure enclave, where the data can be safely decrypted and processed Rich Queries Supports pattern matching (LIKE), range queries (<, >, etc.), and indexing on encrypted columns In-place Encryption The secure enclave supports initial data encryption and key rotation in-place - without moving the data out of the database

10 Look inside an Enclave Browsing the memory of an enclave with a debugger reveals nothing

11 Enhanced Client Driver
Enclave Attestation How do you (and your app) know the enclave can be trusted? By using an attestation protocol and an attestation service Attestation Service Enhanced Client Driver plaintext ciphertext SQL C: \ plaintext Enclave

12 Enhanced Client Driver
Secure Tunnel How does the enclave get the keys to encrypt/decrypt data? Via a secure tunnel: the client driver and enclave negotiate a session key The client driver Encrypts columns encryption key with the session key Signs queries that require enclave computations Enclave plaintext Enhanced Client Driver ciphertext SQL C: \

13 Attestation using Host Guardian Service
What is attestation? A process to assess the health/integrity of a remote service, OS or workload Leverages industry standard security technologies: Trust Platform Module (TPM) V2 UEFI secure boot Measured boot (TCGlog) What is the Host Guardian Service (HGS)? Windows Server 2016/2019 role Provides health attestation and key release Currently used by SQL and Hyper-V

14 Attestation modes HGS supports a few different attestation modes
The mode of attestation does NOT affect how the workload works. It only affects the level of trust and integrity a caller can place in the workload. 3 attestation modes Active Directory (admin) mode Recommended use cases: Lab, PoC Host Key mode TPM or hardware mode (recommended) Recommended use cases: Lab, PoC, production SQL HGS Trust

15

16 Open Enclave SDK openenclave.io github.com/Microsoft/openenclave

17 Multiparty Machine Learning

18

19 ML.NET ML.NET (dot.net/ml) Multi-class Classification Single source: 80% accuracy Multiple sources: 96% accuracy { "risk": 0.0, "age": 0, "sex": 0, "smoker": false, "chestPain": 0, "bloodPressure": 0, "serumCholestoral": 0, "fastingBloodSugar": false, "maxHeartRate": 0 } { "score": 0.0, "accuracy": 0.0 } Medical Record Output: risk class

20 @stefanotempesta /in/stefanotempesta THANK YOU!

21 GOLD Silver Bronze

Download ppt "Stefano Tempesta Secure Machine Learning with SQL Server Always Encrypted with Secure Enclaves."

Similar presentations

RASPro is a secure high performance remote application delivery platform through a perfect combination of application hosting and application streaming.

RASPro is a secure high performance remote application delivery platform through a perfect combination of application hosting and application streaming.
Vpn-info.com.

Vpn-info.com.
Ragib Hasan Johns Hopkins University en.600.412 Spring 2011 Lecture 3 02/14/2010 Security and Privacy in Cloud Computing.

Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 3 02/14/2010 Security and Privacy in Cloud Computing.
1 Minimal TCB Code Execution Jonathan McCune, Bryan Parno, Adrian Perrig, Michael Reiter, and Arvind Seshadri Carnegie Mellon University May 22, 2007.

1 Minimal TCB Code Execution Jonathan McCune, Bryan Parno, Adrian Perrig, Michael Reiter, and Arvind Seshadri Carnegie Mellon University May 22, 2007.
Sony White House Anthem Lockheed Aramco Bushehr nuclear reactor NSA Hacked Facebook Hacked Apple,Google,Microsoft,

Sony White House Anthem Lockheed Aramco Bushehr nuclear reactor NSA Hacked Facebook Hacked Apple,Google,Microsoft,
Overview and Roadmap for Microsoft SQL Server Security

Overview and Roadmap for Microsoft SQL Server Security
Securing Data Storage Protecting Data at Rest Advanced Systems Group Dell Computer Asia Ltd.

Securing Data Storage Protecting Data at Rest Advanced Systems Group Dell Computer Asia Ltd.
Windows 7 Windows Server 2008 R2 VirtualizationVirtualization Heterogeneous Server Environment Inventory Linux, Unix & VMware Windows 7 & Server 2008.

Windows 7 Windows Server 2008 R2 VirtualizationVirtualization Heterogeneous Server Environment Inventory Linux, Unix & VMware Windows 7 & Server 2008.
Free, online, technical courses Take a free online course. Microsoft Virtual Academy.

Free, online, technical courses Take a free online course. Microsoft Virtual Academy.
Jim McLeod MyDBA  SQL Server Performance Tuning Consultant with MyDBA  Microsoft Certified Trainer with SQLskills Australia 

Jim McLeod MyDBA  SQL Server Performance Tuning Consultant with MyDBA  Microsoft Certified Trainer with SQLskills Australia 
Session Agenda Designed to address BIOS Limitations Needed for the larger server platforms (Intel-HP Itanium) First called Intel Boot Initiative.

Session Agenda Designed to address BIOS Limitations Needed for the larger server platforms (Intel-HP Itanium) First called Intel Boot Initiative.
Roy Ernest Database Administrator Pinnacle Sports Worldwide SQL Server 2008 Transparent Data Encryption.

Roy Ernest Database Administrator Pinnacle Sports Worldwide SQL Server 2008 Transparent Data Encryption.
Architecture for Protecting Critical Secrets in Microprocessors Ruby Lee Peter Kwan Patrick McGregor Jeffrey Dwoskin Zhenghong Wang Princeton Architecture.

Architecture for Protecting Critical Secrets in Microprocessors Ruby Lee Peter Kwan Patrick McGregor Jeffrey Dwoskin Zhenghong Wang Princeton Architecture.
Trusted Computing Or How I Learned to Stop Worrying and Love the MPAA.

Trusted Computing Or How I Learned to Stop Worrying and Love the MPAA.
VirtualBox What you need to know to build a Virtual Machine.

VirtualBox What you need to know to build a Virtual Machine.
Additional Security Tools Lesson 15. Skills Matrix.

Additional Security Tools Lesson 15. Skills Matrix.
A Brief Documentation.  Provides basic information about connection, server, and client.

A Brief Documentation.  Provides basic information about connection, server, and client.
How to Integrate Security Tools to Defend Data Assets Robert Lara Senior Enterprise Solutions Consultant, GTSI.

How to Integrate Security Tools to Defend Data Assets Robert Lara Senior Enterprise Solutions Consultant, GTSI.
Trusted Computing and the Trusted Platform Module Bruce Maggs (with some slides from Bryan Parno)

Trusted Computing and the Trusted Platform Module Bruce Maggs (with some slides from Bryan Parno)
General Concerns on WWW Security Name: Huaying Chen ID# 104714 Instructor: Dr Mort Anvari.

General Concerns on WWW Security Name: Huaying Chen ID# Instructor: Dr Mort Anvari.

Similar presentations

Ads by Google